topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Monday March 18, 2024, 10:24 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Ultimate Lock Picker Hacks Pentagon, Beats Corporate Security for Fun and Profit  (Read 11703 times)

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,896
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
From Wired.com article, with videos, on master lock picker Marc Weber Tobias:

The problem, if you're a safe company or a lock maker, is that Tobias makes it all public through hacker confabs, posts on his Security.org site, and tech blogs like Engadget. He views this glasnost as a public service. Others see a hacker how-to that makes The Anarchist Cookbook read like Betty Crocker. And where Tobias sees a splendid expression of First Amendment rights, locksmiths and security companies see a criminal finishing school. Tobias isn't just exposing problems, they say. He is the problem.
But forget bike locks and hotel room safes: These days, Tobias is attacking the lock famous for protecting places like military installations and the homes of American presidents and British royals.

Between stabs at his salad, Tobias hands me his latest idea of fun: nearly 300 pages of self-published hacker-porn detailing his attack on the allegedly uncrackable Medeco high-security lock. "Trust me, this will cause a goddamned riot!" he says, dabbing at tears of joy with a paper napkin. "Oh yeah, this is way, way bigger than the liquid explosives thing!" And he's right, it is bigger--and with way, way bigger consequences.



from http://www.boingboing.net/

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Love it! I've followed Tobias' antics over the years, but this one beats all.

And it also looks like the cat is really out of the bag big time. This is what you'll get if you try to access his website www.security.org in the wake of the Wired article.

overload.gif

I'm sure the security professionals are up to their ears in client phone calls by now.

Much as he rankles many people, his contention that a false sense of security is as dangerous - or more dangerous - than not having any security at all is a hard point to argue against. And any security system that depends on ignorance for its effectiveness is a flawed solution.

Tobias serves up a bitter pill to swallow. But it's good medicine just the same.

 8)
« Last Edit: June 01, 2009, 01:21 PM by 40hz »

cranioscopical

  • Friend of the Site
  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 4,776
    • View Profile
    • Donate to Member
it's good medicine just the same
Better take a tumbler full and lubricate the teeth!

Edvard

  • Coding Snacks Author
  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 3,017
    • View Profile
    • Donate to Member
it's good medicine just the same
Better take a tumbler full and lubricate the teeth!

-cranioscopical (June 01, 2009, 01:30 PM)

That's quite a combination.

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,646
    • View Profile
    • Donate to Member
There is no reason to build a better mouse trap...until the mouse wins ... Tobias is an 800lb Mouse.

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Absolutely superb article, thanks for posting it Mouse Man :up: :up:

It's funny to discover that the behavior (read: stupidity) we've seen from just about every cyber-entity in relation to just about anything security, is by no means limited to the cyber-realm. I guess it's a testament to people being as stupid IRL as they are online.

Ehtyar.

housetier

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 1,321
    • View Profile
    • Donate to Member
I liked the article also very much. I find this rebellion very charming :-)

I know a few lock pickers in Berlin, they even have regular competitions and give workshops. Sometimes they help the police by providing "fingerprints" of tools that are used to pick locks. However, these people won't open your door when you have locked yourself out. "We open locks, but not doors" they say.

In a way, they are hackers too and I can very much relate to that :)

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
However, these people won't open your door when you have locked yourself out. "We open locks, but not doors" they say.
How arrogant >_<
- carpe noctem

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
In a way, they are hackers too and I can very much relate to that :)

Excellent observation. Especially when you consider that back in the early days of hacking and phreaking, being able to pick a lock was considered part of the basic hacker skill set.

Defeating lock mechanisms is a popular hobby for many bright people, including some famous ones.

The physicist Richard Feynman used to combat boredom while working at Los Alamos on the Manhattan Project by cracking the combination locks on file cabinets and safes containing secret engineering plans for nuclear weapon development. Once he gained entrance, he'd often leave them open for the Military Police to "discover" when they conducted their rounds! He would then sit back and watch the base security people run around in a panic thinking spies had somehow gained access to classified research. Considering the country was at war, he's lucky he didn't get shot once they figured out it was him doing it.


Here's a picture of him from his Los Alamos ID card:

Richard_Feynman_ID_badge.png

That smile of his says it all. 8)

« Last Edit: June 07, 2009, 12:28 AM by 40hz »